TOP 4 SECURITY LESSONS FROM COVID-19
Here are the top 4 security lessons organizations can learn from the COVID-19 pandemic. I knew right away that I was taking my life into my own hands when I disagreed with my wife. She had been telling me that the Corona Virus pandemic was going to make it to the United States and was going to have a tremendous impact on everyone. Now, after 24 years of marriage, you’d think that I would know better to disagree with my wife. I seemed to have forgotten that. My opinion was that it was not going to be a ‘big deal’ and that our country would hardly feel the impact. Boy was I wrong.
Now we’re in lockdown mode. I reflected on the conversation we had and how I could have been so far off. I was so confident because I felt like we, as a country, were prepared. Additionally, I felt like we, as a family, we’re definitely prepared. I couldn’t have been more wrong. My wife was so right. My overconfidence simply got in the way of someone who had more knowledge than I did. It got me thinking about how there were valuable lessons in this experience, especially as it relates to Security. So I came up with the top 4 security lessons learned from COVID-19.
SECURITY LESSON 1
Sun Tzu said in the Art of War, “If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” I violated this exact principle during that conversation with my wife. I failed to understand my opponent, however, my wife didn’t.
The first lesson in the Top 4 Security Lessons Learned From COVID-19 is to know your enemy. This is often an organization’s first mistake when examining their security vulnerabilities. Many companies believe that they are prepared to face the security challenges specific to their industry. For some that may be true, however, most find out all too late that they were wrong. So why does this happen? What makes organizations likely to dismiss unseen threats? The answer is simple. Ego. While it’s good to see ourselves as strong and capable, it can prove disastrous when we confuse that with invincibility. Organizational leaders must always guard themselves against such thinking. They must understand the value of seeking out expert advice while knowing that it isn’t a weakness in doing so. An experienced Security Consultant has the ability to help an organization identify potential vulnerabilities and provide solutions to reduce or even eliminate them.
SECURITY LESSON 2
Much like COVID-19, organizations must understanding that most threats are unseen. In the early stages of the COVID-19 pandemic, most people just went about their daily business and took little to no precautions to prevent exposure. Now, a few weeks into the pandemic, it is commonplace to see people wearing masks and gloves as the realization that failure to do so could prove deadly.
Organizations should constantly be examining their security protocols and emerging unseen threats to strengthen their existing programs. As Benjamin Franklin once said, ‘An ounce of prevention is worth a pound of cure.’ Complacency is a trap. Just because you can’t see a threat, doesn’t mean it doesn’t exist. Complacency is at the top of the 4 security lessons we can learn from COVID-19. Be prepared. Stay vigilant.
SECURITY LESSON 3
Doctors across the globe have been advocating for necessary precautions to prevent the spread of COVID-19. Avoiding exposure to COVID-19 is the best way to prevent illness. Things such as social distancing, frequent hand washing, and wearing protective gear (face masks/gloves) are quickly becoming the norm. This is because the medical community understands that once exposed to the virus, there is little that can be done, as there is no cure.
The third lesson relating to security is that once an intruder has breached your facility, it is very difficult to prevent the plans they intend to carry out. That can be anything from theft to mass casualties (active shooter). Security plans identify intruders prior to entry and deny them access. In doing so, organizations can decrease the loss of life and property. Prevention should be a top priority in every security plan.
The final lesson that we have learned from COVID-19 is that contingency plans are invaluable. Some hospitals are better prepared than others. This is a direct result of contingency planning. A great example is in Canada. Ontario stockpiled over 55 million N95 masks after the SARS epidemic in 2002. This was a good plan when first enacted, however, after 18 years those masks are all expired and won’t provide the highest level of protection to their healthcare workers. Security plans are living documents that must be evaluated constantly to ensure it is still viable. Does your organization have a protocol to review your security plan?
We are in a strange, new world right now. Products are in limited supply, thousands of people are out of work, and there is still no exact end in sight to this pandemic. While there are many stories of people helping out their neighbors during this tough time, there will be many unscrupulous criminals looking to exploit the situation.
COVID-19 has closed down many businesses. Do you have the ability to monitor your business remotely via CCTV? Are you keeping an eye on your inventories? With supplies being limited, there may be a surge in thefts. Most importantly, are you able to protect your most valuable assets, your employees? These are only a couple of the questions you should be asking yourself right now. The fact is, that this is a temporary situation that will improve over time. Being vigilant now more than ever will ensure your organization can minimize any losses caused by COVID-19.